3 things you should know about cloud security in 2020

The cloud computing market is poised to be worth $623 billion by 2025. Still, despite all the excitement about its benefits, there are downsides.

Cloud security threats  >  Lightning strikes a digital landscape via binary clouds.
Robertiez / Getty Images

The world is now neck-deep in digital. Companies everywhere are trying to conquer the digital universe by revitalizing business models or building new ones from scratch to remain competitive. Much of this action is based on a common foundation: cloud computing.

In fact, the use of cloud computing has exploded over the past decade, and there’s no end to the growth in sight. Global spending on the cloud hit $273 billion in 2018 and is poised to exceed an astonishing $623 billion by 2025, according to industry reports.

The reason for cloud's growth is clear: it is often associated with lower costs, greater flexibility, and greater security. But while cloud offers a big boost in physical security beyond what a garden-variety end-user is typically willing or able to afford, it’s still a shared responsibility proposition. Put another way, the provider oversees cloud security, and the customer is in charge of its own security in the cloud – including the integrity of the stored and processed data, and the resilience of all apps and APIs that interface with the web.

But most cloud packages include only basic security. If an extra layer of security isn’t added, the customer’s entire IT value chain is basically a line of sitting ducks. And since more and more corporate and customer data resides in the cloud, tight IP access can become a serious bottleneck. If the cloud platform is offline, it’s game over.

Disabled by DDoS attacks

This is not just a theory. In October 2019, Amazon Web Services (AWS) suffered a major DDoS attack roughly eight hours long. Users couldn’t connect because AWS miscategorized their legitimate customer queries as malicious. Google Cloud Platform encountered a variety of troubles at roughly the same time, but the company claims they were unrelated to DDoS. A few weeks earlier, a number of DDoS attacks knocked out a South African ISP for a full day, making internet access widely impossible.

To continue reading this article register now

Download CIO's Roadmap Report: 5G in the Enterprise